Leaderboard

Just remember there are a bunch of open source modules/plugins/templates/gateways/etc from naja7host. That doesn't include his helpful code posts in this forum. Plus he has been around the forum since the end of 2012. That gives me a lot to go on to base his coding skill off of as well as his reputation around this community. You are fairly active on the forums but from what I can see you don't have any open source projects for blesta that I can look at. You haven't yet contributed enough to the community to be considered at naja7host's level. Maybe in the future as contribute more and have more people using your modules/plugins and reviewing them, but not yet.

Thank you both very much. We are delighted to know that our product meets customer demands!

Update 5.1.1 Security Update cPanel Extended 5.1.1 Source Code Audition: https://codeclimate.com/github/CyanDarkInc/cPanel-Extended/issues

OK guys, this page has been updated. Please review. I made some grammar changes, etc. especially on yours @timnboyshttps://www.blesta.com/development/

That's a neat service and only 3 small issues lol.

Wonderfull services .

I'm not a coder... but I asked my dev to really customize my blesta install, and he did a great job doing it without ever touching the core files. We hit some limitations (like you would on competitors), which could be overcome, but that meant overwriting core files and like you, I didn't think it was a good idea It's very secure though. I had an outside party try all the common attack vectors + whatever they had in their toolbox and no exploits to be found. So while I didn't do it myself, it does seem like Blesta's way to theme things is still secure. Btw : one thing I'd suggest is get a dev or staging license from Blesta. Have your third party theme it on that license. Run tests on it, get the code reviewed by someone else if you don't trust your dev, and when you feel good about it, move it to production.

weird. When i tried to make it cause errors, a little red box appeared on top and it said there was an error. There were no details, but at least it showed an error Maybe a firewall / timeout issue? I can't say for sure without more info. That's what usually happens to scripts who hit a CSF problem. Maybe @cyandark can chime in, and provide some log locations to see if you can find the exact error and what the script is doing.

Giving someone you do not trust access to your code, via your templates or otherwise, is never a good idea. Blesta uses a template engine as part of minPHP, it just so happens it is very light weight. If I recall, Smarty had some major security vulnerabilities which affected at least 2 of our competitors. The bottom line is, you should only install extensions or themes from sources you trust.

Hello everyone! We are thrilled to bits to announce that our offer is growing again! An absolutely fresh product has been released, thereby opening a whole new spectrum of advantages for Blesta users. OpenStack VPS For Blesta has been designed to yield a wealth of ease to the provisioning and management of virtual servers. You will be allowed the possibility to control all server aspects in a strict manner. At the same time, your customers will be able to order VPS products tailored finely to their needs and manage them right inside your Blesta accordingly. They will be able to monitor server details, access noVNC console, manage backups, control the list of planned tasks - we could go on and on with the lead-in but there are simply too many magnificent possibilities this new module rises. Visit our website, download a free trial version and let the product speaks for itself! We encourage you most warmly to visit our website and find out all about OpenStack VPS For Blesta! Need Custom Software Development For Your Business? Get Your Free Quote Now! Specially for you we will adapt an application and its design to your own needs, create a new module or even a completely new system built from scratch!

a plugin can do this . if you need it PM me .

Not sure which plugins you are talking about . from my part all my plugins/ modules will be upgraded to be fully v4 compatible . we have begin the most used free plugin "cookies cutter" , we have added so many option now to that plugin, the next is clean orders and resend welcome email . i think they need just a small Html code change . We have Logicboxes Reloaded already upgraded , but we will not release it now, as we respect other developer that has a paid version, so we don't want to disturb his business .

As far as I know from reading his posts he is not a developer. He can probably vouch for you getting the job done in a timely manner and for a fair price but he has no say on your code quality which is where the question lies. I personally don't need anyone to vouch for you right now as I am not interested in your Blesta modules. I am guessing there are many others who are quite happy with the plugins/modules you have released though and didn't need a code audit or anything else to feel comfortable purchasing them. I am just trying to help you understand why someone may want an audit. Like I said before, if you don't feel that is necessary, your best course of action is to say "I am sorry, we have no plans currently to get X audited." and leave it at that. That can be a sound business choice and doesn't need any follow up nor explanation on your behalf. Losing out on a customer is not always a bad thing.

Yes I do, which is why I am not using it. Why should I trust you? Trust is earned not given out freely. You have nobody to vouch for you though which is the main problem. If I took your word on that it would be the same as hiring someone without an interview after doing nothing more then talking to them on the phone and them saying I am good at whatever you are hiring me for. If you are getting a real code audit you will have legal agreements in place which will prevent them from doing that. If they do steal your code you will have the legal means to recoup losses based on this. If you aren't getting a reputable auditor then you may be wasting money because why would I trust a random "Joe Shmoe" anymore then I would trust you. Your auditor needs to be the trustworthy third party who is essentially vouching for you. Please don't take what I am saying as a personal attack as it is not. I am just trying to explain why someone asking for you to get a code audit is not an unreasonable request.

Blesta being mostly viewable source means one can audit it and see the design practices they used and feel good about what I am using. Personally, when I am putting someone else's code into something (a plugin or module) I believe is safe (Blesta) I prefer to have the knowledge that it is secure as well. Asking for a code audit on encoded software isn't that unreasonable of a request, especially if you are buying from a non-seasoned company/developer who doesn't have a large reputation and long history. As a developer you can easily say no to his audit request and lose out on him/her as a customer. There is nothing wrong with going down that route but until you have a solid reputation it can be helpful to have someone vouch for you, in this case via a code audit.

I'd have to agree with the others... it's best to have a billing-system dial for how many to send at any given time. I would not assume that the mail server will spool it for you and send it out in batches. I would assume that by default you should have the option to control how often it sends e-mail and how quickly it should send that e-mail. Complying with the CAN-SPAM act in the US and other likewise legislation in other countries would be difficult if you assume that any Blesta user wouldn't mind having their billing server be blacklisted for sending out too much... even if it is legit.

... I completely forgot to do the upgrade. Fortunately, it didn't do anything damaging since I hadn't performed the upgrade... But, doing the upgrade via web went through nicely. It did redirect to the admin dashboard with a completed successfully message. php 5.6 here, default install on a development server. This was from 3.6.2 to 4.0.0 beta 1. Wouldn't be surprised if you had a module or something similar causing a white page but... this is basically a very clean install, so it seems to have worked for me in that aspect. Edit: The upgrade took about 2-3 seconds or so before it completed.

I agree, $500 is crazy cheap for a lifetime license. $700-$800 is where I would expect it to be price wise. Anyone who is doing serious business will most likely keep their billing system around for way more than 5 years which would be the current break even between an owned unbranded and an owned lifetime. In my opinion a 10-12 year break even point makes more sense to me but I would need to feel very strongly that the company will continue on for that long and has a good history behind them. I believe Blesta is getting to that point where they have a solid history, albeit a bit slow at times, of new versions/features/and bugfixes and a strong roadmap which makes me think they will do well in the market and be around for many more years. I agree 100%, if I am hosting the software nothing in the software changes regardless of the amount of users I have. Only the server requirements change. If they are hosting it for me I would be ok with them charging me per user. However I am not even sure how safe I would feel letting another entity control my billing platform as that is the lifeline for me to bring in income.

We have no plans whatsoever to go to a per-client billing model. I just don't see that ever happening, I'm not a fan of the model. In theory it sounds great and fair, but in reality it only works for SaaS. The Lifetime license is certainly the most likely to get a price hike. Because it comes with updates forever, we have to be careful about how many we sell. That said, no company will ever say they will never raise prices. Inflation alone makes that impossible to promise. But, if you look at our record you'll see that we have never raised prices, and if we did, we certainly wouldn't raise them by 200% overnight.

Blesta uses the native template system, php itself. There is no smarty/twig integration. My experience is that these template engines unnecessarily add undo stress with additional constructs to learn, and come with their own set of issues and limitations. I wouldn't trust a web designer with source code either, so I don't. Any web designer should be able to create a mockup of any design updates through markup and a developer can review and integrate them into the system. Custom pages are typically created within plugins, otherwise you would need to add/update source code in Blesta itself. Blesta is built on an MVC framework, so you would need to create an appropriate controller, all views (templates), and if you need to access data, a model as well. Then you would need to integrate that wherever you plan to use it. You should also create permissions for access to your new page. This is where developing a plugin shines, as you can design and construct complex pages/actions without updating the core system at all. Modules can define their own pages which will appear as tabs when managing the service they are attached to. There is a short example in the module documentation for creating tabs.

Very nice, some people have been asking for this.

Lovely keep the hard work up guys.

Hi @Paul I sent you a PM with the text.

The major email providers will block spam or those perceived to be spam, so don't send spam and you shouldn't have much of a problem. Emailing a lot of users will take a long time to send anyway. If you send 5000 emails from the mass mailer, I would not be surprised if it took 90 minutes to complete. I don't think this would trigger a rate limit.